Mastodon delays fix for link previews DDoSing websites

May 6, 2024 at 03:55PM

Mastodon has delayed an update to address link preview DDoS issues. The decentralized nature of the network causes link previews to trigger overwhelming fetch requests, impacting host servers. The update, now deferred to version 4.4.0, aims to resolve this. Additionally, the decentralized model poses challenges, as evidenced by a critical …

Malicious backdoor sneaks into xz, Linux world’s data compression library and tool

March 29, 2024 at 06:05PM

Red Hat has warned about a backdoor in the xz compression library affecting Fedora Linux 40, 41, and Rawhide. The vulnerability, rated 10/10 in severity, provides remote backdoor access and interferes with sshd authentication. Users are advised to stop using Fedora Rawhide instances. Red Hat Enterprise Linux (RHEL) is not …

Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

February 6, 2024 at 08:37AM

Fortinet’s FortiSIEM product is affected by two critical security vulnerabilities (CVE-2024-23108 and CVE-2024-23109) with a severity score of 10 on the CVSS scale. These flaws allow for remote code execution by unauthenticated attackers. Currently, the affected versions are specified, and Fortinet has recommended upgrading to version 7.1.2 to address the …